package com.fancy.projecty.config.shiro;

import org.apache.shiro.codec.Base64;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.CookieRememberMeManager;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.servlet.SimpleCookie;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;


import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * shiro 学习:
 * https://www.jianshu.com/p/a711961b07db
 */
@Configuration
public class ShiroConfig {

	/**
	 * 配置Shiro的Web过滤器，拦截浏览器请求并交给SecurityManager处理
	 *
	 * @return
	 */
	@Bean
	public ShiroFilterFactoryBean webFilter(SecurityManager securityManager) {

		ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
		shiroFilterFactoryBean.setSecurityManager(securityManager);


		//配置拦截链 使用LinkedHashMap,因为LinkedHashMap是有序的，shiro会根据添加的顺序进行拦截
		// Map<K,V> K指的是拦截的url V值的是该url是否拦截

		Map<String, String> filterChainMap = new LinkedHashMap<>(16);

		// 设置自定义的过滤器
		Map<String, Filter> filters = new HashMap<>();
		filters.put("auth", new AjaxPermissionsAuthorizationFilter());
//		filters.put("auth", new JWTAuthFilter());
		shiroFilterFactoryBean.setFilters(filters);

		//设置拦截请求后跳转的URL.
		shiroFilterFactoryBean.setLoginUrl("/login");
		//authc:所有url都必须认证通过才可以访问; anon:所有url都都可以匿名访问,先配置anon再配置authc。
		filterChainMap.put("/login", "anon");
		filterChainMap.put("/getStatus", "anon");
		//放行Swagger2页面，需要放行这些
		filterChainMap.put("/swagger-ui.html", "anon");
		filterChainMap.put("/swagger/**", "anon");
		filterChainMap.put("/webjars/**", "anon");
		filterChainMap.put("/swagger-resources/**", "anon");
		filterChainMap.put("/v2/**", "anon");
		filterChainMap.put("/static/**", "anon");
		filterChainMap.put("/index", "user");
		shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainMap);

//		filterChainMap.put("/**", "authc");
		filterChainMap.put("/**", "auth");



		return shiroFilterFactoryBean;
	}


	@Bean
	public DefaultWebSecurityManager securityManager() {
		DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
		securityManager.setRealm(this.CustomRealm());
		return securityManager;
	}

	@Bean
	public CustomRealm CustomRealm() {
		CustomRealm customRealm = new CustomRealm();

		return customRealm;
	}

	/**
	 * 开启Shiro的注解(如@RequiresRoles,@RequiresPermissions),需借助SpringAOP扫描使用Shiro注解的类,并在必要时进行安全逻辑验证
	 * 配置以下两个bean(DefaultAdvisorAutoProxyCreator和AuthorizationAttributeSourceAdvisor)即可实现此功能
	 *
	 * @return
	 */
	@Bean
	public DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator() {
		DefaultAdvisorAutoProxyCreator advisorAutoProxyCreator = new DefaultAdvisorAutoProxyCreator();
		advisorAutoProxyCreator.setProxyTargetClass(true);
		return advisorAutoProxyCreator;
	}

	/**
	 * 开启aop注解支持
	 *
	 * @return
	 */
	@Bean
	public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor() {
		AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor = new AuthorizationAttributeSourceAdvisor();
		authorizationAttributeSourceAdvisor.setSecurityManager(this.securityManager());
		return authorizationAttributeSourceAdvisor;
	}


}